The malware in question is a trojan horse called Flashback (OSX/flashback.A); users may end up acquiring it by clicking a link on a malicious website to download or install Flash player. If those users also have their Safari settings to automatically open safe files (which .pkg and .mkpg files are considered to be), an installer will show up on their desktops as if they are legitimately installing Flash.

MYmacROX

09-27-2011 11:17 AM

I hope by now that the vast majority of us have unchecked that box to automatically install "safe" files. It's such an easy preventive measure and the only weakness (so far) that malware has managed to exploit.